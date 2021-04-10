



Google is seeing new threats from the North Korean government’s cyber group.

This follows Google’s Threat Analysis Group documenting a hacking campaign targeting cybersecurity researchers in January.

According to Google, the hackers’ trick is to build trust with the legitimate researchers they target.

As Google explained in January, the actors set up research blogs and multiple Twitter profiles to interact with researchers, used the profiles to post links to the blogs, and posted videos of their claimed exploits.

“Exploit” refers to code that exploits a software or security flaw.

In order to “build more trust with other security researchers,” Google said, the blog included publicly available analysis of cyber vulnerabilities, with “guest” posts from unwitting legitimate security researchers.

After contacting the researchers, the cyber actors offered to collaborate on cybersecurity research and provided a project for Visual Studio, a Microsoft program, which contained malicious code, according to Google.

Google also observed some cases in which researchers unknowingly had malware installed after visiting the blog. “Shortly thereafter, a malicious service was installed on the researcher’s system,” according to Google.

Even advanced researchers can fall for cybercriminal tactics, Brian Martin, vice president of vulnerability intelligence at Risk Based Security, told Fox News.

“Security officials are the first to shout not to click on these links, but if the information is appealing, they are the first to click on a particular link,” Martin said.

On March 17, the same actors launched a new website, with associated social media profiles, for a fake company called “SecuriElite,” according to Google’s latest blog post on the threat.

The website purports to represent an offensive security company based in Turkey that provides penetration testing (simulated cyberattacks), software security assessments, and exploits. Offensive security is a more aggressive approach to protecting computer systems, as opposed to traditional defensive security.

The tactic continues the trend of pretending to be fellow security researchers, Google said.

“Foreign enemies have evolved to steal valuable information or launch additional attacks because of their intrinsic value,” Matt Ashburn, head of strategic initiative for Authentic8, told Fox News. “We continue to stick to the technology we continue to do.”

“Thankfully, the private sector has quickly discovered the operation, coordinated with a team of trust and safety to prevent risk, and published a study to warn others,” Ashburn said.

In addition to Twitter, the cyber actors use email and social media platforms such as LinkedIn, Telegram, Discord, and Keybase, according to Google.

